REMARKS 



Claims 1-34 are pending in the present application. 

The Examiner has rejected claims 1-6, 9-18, 21-28 and 31-34 under U.S.C. § 
102(e) as being anticipated by US patent Publication No. 2003/0005118 to Williams 
(hereinafter simply "Williams"). The Examiner has also rejected claims 7, 8, 19, 20, 29 
and 30 under 35 U.S.C. § 103(a) as being unpatentable over Williams in view of US 
Patent No. 5,907,621 to Bachman et al. (hereinafter simply "Bachman"). 

Williams does appear to disclose redirecting a request from a first server to a 
second server (a login server), but does not appear to disclose that the redirecting 
includes transmitting a session token to a second server as required by claim 1. 

At paragraph 1 on page 3 of the Office Action of June 1, 2007, the Examiner 
points to lines 12-18 of paragraph [0067] where Williams merely provides a general 
definition of a redirect as allowing "a server to respond to a client request with 
instructions to load a resource at a different location". Williams sets out that "most 
browsers will automatically request the new resource in response to a redirect". 
Further, Williams specifies that "When the browser receives the HTTP redirect, the 
browser issues a new HTTP Request using the redirected URI provided in the HTTP 
redirect". A good example of this type of redirection is when a website's address is 
changed to a new address - when a request is made to the server for the old 
website, the server responds and provides a new location to the browser. The 
browser, upon receiving the response from the server providing the new location, 
will issue a new HTTP Request using the redirected URI (location) provided in the 
HTTP Redirect. Most browsers will automatically redirect the client to the new 
location. 
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The important difference to note is tliat in Williams, it is submitted tliat there 
is no disclosure of the transmission of a session token from a first server to a second 
server. 

Perhaps to illustrate that a server in Williams may, as required by claim 1, 
receive a request accompanied by an encrypted session token, which it is submitted 
that Williams does not otherwise disclose, the Examiner has cited a passage in 
paragraph [0051] of Williams that reads, "the entities within the network may share 
or synchronize cryptographic keys as appropriate in accordance with many well- 
known manners in the prior art." It is submitted that the cited passage teaches 
away from the method of claim 1. If the first server and the second server of claim 
1 share or synchronize cryptographic keys, then there is no requirement for the first 
server to decrypt an encrypted session token, received with a request, before 
transmitting the session token to the second server a required by Claim 1. 

Since it is submitted that Williams does not suggest or disclose transmitting a 
session token, received along with a request, to a second server, it is further 
submitted that the method of claim 1 is not anticipated by Williams. It is 
respectfully requested that the Examiner withdraw the rejection of claim 1, and 
Claims 2-6 and 9-12 dependent, either directly or indirectly, thereon, as anticipated 
by Williams. 

Claim 13 is directed to a system for secure session management. The system 
of claim 13 includes a first server including a first request handler. Claim 13 requires 
that the first request handler transmit a session token to a second server. Further to 
the discussion above, it is submitted that Williams does not suggest or disclose a 
first request handler transmitting a session token, received along with a request, to 
a second server. Accordingly, it is submitted that the system of claim 13 is not 
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anticipated by Williams. It Is respectfully requested that the Examiner withdraw the 
rejection of claim 13, and Claims 14-18 dependent, either directly or Indirectly, 
thereon, as anticipated by Williams. 

Claim 23 Is directed to a computer program product having a computer- 
readable medium tangibly embodying computer executable instructions for secure 
session management. The computer program product of claim 23 includes computer 
executable instructions for transmitting a session token to a second server. Further 
to the discussion above, it is submitted that Williams does not suggest or disclose 
computer executable instructions for transmitting a session token, received along 
with a request, to a second server. Accordingly, it is submitted that the computer 
program product of claim 23 is not anticipated by Williams. It is respectfully 
requested that the Examiner withdraw the rejection of claim 23, and Claims 24-28 
and 31-34 dependent, either directly or Indirectly, thereon, as anticipated by 
Williams. 

The Examiner has rejected claims 7 and 8 under 35 U.S.C. § 103(a) as being 
unpatentable over Williams in view of Bachman. Claims 7 and 8 depend indirectly 
from claim 1 and add limitations. The Examiner contends that Williams discloses 
most of the subject matter of claims 7 and 8 and cites Bachman to illustrate that the 
additional limitations added by claims 7 and 8 were known at the time the claimed 
inventions was made. Without regard to whether Bachman discloses the limitations 
added by claims 7 and 8, it is submitted that Bachman does not suggest or disclose 
transmitting a session token to a second server as required by claim 1. 

Since it is submitted that neither Williams nor Bachman, nor a combination of 
Williams and Bachman suggest or disclose transmitting a session token, received 
along with a request, to a second server, it is further submitted that the method of 
claims 7 and 8 are patentable over Williams In view of Bachman. It is respectfully 



requested that the Examiner withdraw the rejection of claims 7 and 8 as obvious. 

The Examiner has rejected claims 19 and 20 under 35 U.S.C. § 103(a) as 
being unpatentable over Williams in view of Bachman, Claims 19 and 20 depend 
indirectly from claim 13 and add limitations. The Examiner contends that Williams 
discloses most of the subject matter of claims 19 and 20 and cites Bachman to 
illustrate that the additional limitations added by claims 19 and 20 were known at 
the time the claimed inventions was made. Without regard to whether Bachman 
discloses the limitations added by claims 19 and 20, it is submitted that Bachman 
does not suggest or disclose a first request handler transmitting a session token, 
received along with a request, to a second server, as required by claim 13. 

Since it is submitted that neither Williams nor Bachman, nor a combination of 
Williams and Bachman suggest or disclose a first request handler transmitting a 
session token, received along with a request, to a second server, it is further 
submitted that the system of claims 19 and 20 are patentable over Williams in view 
of Bachman. It is respectfully requested that the Examiner withdraw the rejection 
of claims 19 and 20 as obvious. 

The Examiner has rejected claims 29 and 30 under 35 U.S.C. § 103(a) as 
being unpatentable over Williams in view of Bachman. Claims 29 and 30 depend 
indirectly from claim 23 and add limitations. The Examiner contends that Williams 
discloses most of the subject matter of claims 29 and 30 and cites Bachman to 
illustrate that the additional limitations added by claims 29 and 30 were known at 
the time the claimed inventions was made. Without regard to whether Bachman 
discloses the limitations added by claims 29 and 30, it is submitted that Bachman 
does not suggest or disclose computer executable instructions for transmitting a 
session token, received along with a request, to a second server, as required by 
claim 23. 



Since it is submitted that neither Williams nor Bachman, nor a combination of 
Williams and Bachman suggest or disclose computer executable instructions for 
transmitting a session token, received along with a request, to a second server, it is 
further submitted that the computer program products of claims 29 and 30 are 
patentable over Williams in view of Bachman. It is respectfully requested that the 
Examiner withdraw the rejection of claims 29 and 30 as obvious. 

Favourable reconsideration and allowance of this application are respectfully 
requested. 



Respectfully Submitted, 



By: 




Colin C. Climie, Regn. No. 56,036 



Place: Toronto, Ontario, Canada 
Date: August 1, 2007 
Tele No.: 416-868-1482 
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